Add deploy_linux_vm role with LVM and SSH hardening

Features:
- Multi-distribution support (Debian, Ubuntu, RHEL, AlmaLinux, Rocky, SUSE)
- LVM configuration with meaningful volume groups and logical volumes
- 8 LVs: lv_opt, lv_tmp, lv_home, lv_var, lv_var_log, lv_var_tmp, lv_var_audit, lv_swap
- Security mount options on sensitive directories

SSH Hardening:
- GSSAPI authentication disabled
- GSSAPI cleanup credentials disabled
- Root login disabled via SSH
- Password authentication disabled
- Key-based authentication only
- MaxAuthTries: 3, ClientAliveInterval: 300s

Security Features:
- SELinux enforcing (RHEL family)
- AppArmor enabled (Debian family)
- Firewall configuration (UFW/firewalld)
- Automatic security updates
- Audit daemon (auditd) enabled
- Time synchronization (chrony)
- Essential security packages (aide, auditd)

Role Structure:
- Modular task organization (validate, install, download, storage, deploy, lvm)
- Tag-based execution for selective deployment
- OS-family specific cloud-init templates
- Comprehensive variable defaults (100+ configurable options)
- Post-deployment validation tasks

roles/deploy_linux_vm/tasks/post-validate.yml

@@ -0,0 +1,82 @@
+---
+# =============================================================================
+# Post-Validation Tasks - Validate Deployed VM
+# =============================================================================
+
+- name: Get VM details
+  command: virsh dominfo {{ deploy_linux_vm_name }}
+  register: deploy_linux_vm_details
+  changed_when: false
+  tags: [validate, post-deploy]
+
+- name: Display VM details
+  debug:
+    var: deploy_linux_vm_details.stdout_lines
+  tags: [validate, post-deploy]
+
+- name: Check VM is running
+  command: virsh list --name
+  register: deploy_linux_vm_running_vms
+  changed_when: false
+  failed_when: deploy_linux_vm_name not in deploy_linux_vm_running_vms.stdout_lines
+  tags: [validate, post-deploy]
+
+- name: Validate SSH connectivity
+  wait_for:
+    host: "{{ deploy_linux_vm_ip }}"
+    port: 22
+    timeout: 60
+    state: started
+  when: not deploy_linux_vm_skip_validation
+  tags: [validate, post-deploy]
+
+- name: Gather system information from VM
+  delegate_to: "{{ deploy_linux_vm_ip }}"
+  setup:
+  register: deploy_linux_vm_facts
+  vars:
+    ansible_user: "{{ deploy_linux_vm_ansible_user }}"
+    ansible_ssh_common_args: '-o ProxyJump={{ inventory_hostname }} -o StrictHostKeyChecking=accept-new'
+  when: not deploy_linux_vm_skip_validation
+  tags: [validate, post-deploy]
+
+- name: Display VM system information
+  debug:
+    msg:
+      - "=== System Information ==="
+      - "OS: {{ deploy_linux_vm_facts.ansible_facts.ansible_distribution }} {{ deploy_linux_vm_facts.ansible_facts.ansible_distribution_version }}"
+      - "Kernel: {{ deploy_linux_vm_facts.ansible_facts.ansible_kernel }}"
+      - "Architecture: {{ deploy_linux_vm_facts.ansible_facts.ansible_architecture }}"
+      - "Hostname: {{ deploy_linux_vm_facts.ansible_facts.ansible_hostname }}"
+      - "FQDN: {{ deploy_linux_vm_facts.ansible_facts.ansible_fqdn }}"
+      - "Python: {{ deploy_linux_vm_facts.ansible_facts.ansible_python_version }}"
+  when: not deploy_linux_vm_skip_validation
+  tags: [validate, post-deploy]
+
+- name: Display deployment summary
+  debug:
+    msg:
+      - "╔════════════════════════════════════════════════════════════════╗"
+      - "║            VM Deployment Successfully Completed                ║"
+      - "╚════════════════════════════════════════════════════════════════╝"
+      - ""
+      - "VM Details:"
+      - "  Name: {{ deploy_linux_vm_name }}"
+      - "  Distribution: {{ deploy_linux_vm_os_distribution }}"
+      - "  IP Address: {{ deploy_linux_vm_ip }}"
+      - "  Resources: {{ deploy_linux_vm_vcpus }} vCPUs, {{ deploy_linux_vm_memory_mb }}MB RAM, {{ deploy_linux_vm_disk_size_gb }}GB Disk"
+      - "  LVM: {{ 'Enabled' if deploy_linux_vm_use_lvm else 'Disabled' }}"
+      - ""
+      - "Access:"
+      - "  ssh {{ deploy_linux_vm_ansible_user }}@{{ deploy_linux_vm_ip }}"
+      - "  ssh -J {{ inventory_hostname }} {{ deploy_linux_vm_ansible_user }}@{{ deploy_linux_vm_ip }}"
+      - ""
+      - "Add to Ansible inventory:"
+      - "  {{ deploy_linux_vm_name }}:"
+      - "    ansible_host: {{ deploy_linux_vm_ip }}"
+      - "    ansible_user: {{ deploy_linux_vm_ansible_user }}"
+      - "    ansible_ssh_common_args: '-o ProxyJump={{ inventory_hostname }} -o StrictHostKeyChecking=accept-new'"
+      - "    os_distribution: {{ deploy_linux_vm_os_distribution }}"
+      - "    os_family: {{ deploy_linux_vm_distro_config.family }}"
+      - ""
+  tags: [validate, post-deploy]